CVE-2011-0432
PyWebDAV vulnerability CVE-2011-0432 affects the PyWebDAV package prior to version 0.9.4.1. In DAVServer/mysqlauth.py, the get_userinfo method contains SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw parameters. This originates from a f...